Step 14: In Facebook for developer page, SETTINGS>ADVANCED, toggle from NO to YES for Client OAuth Login and then paste the OAuth Redirect URI in the textbox and then click on SAVE CHANGES

Step 15: Go back to Bluemix DASHBOARD, you will now find VERIFY button,click on that and Verify Access to Facebook by clicking on “Click here”

Step 16: Awesome! It’s working!!

Step 17: You can now see your identity source app in the list

The next step is to Configure APP by creating an APP:

Configuring a Liberty for Java APP with SSO:

For Liberty for Java Applications, the Single Sign On service leverages the OpenID Connect (OIDC) client feature from Liberty and the Bluemix Liberty buildpack. As a result, Java applications running on Bluemix do not need to include any code to support the OpenID Connect protocol or Single Sign On.

However, you must enable security constraints. To enable them, you can use declarative J2EE security to secure the application and all protocol support is completely “built-in.”

After you bind the app to an instance of the single sign-on service, the Bluemix buildpack detects that the application is bound and automatically configures the OIDC client in the Liberty runtime server.xml to enable the application for the service. The configuration is done when you deploy the application in Bluemix using either the cf push command or using the restaging process in the Bluemix dashboard.

To complete the configuration of the application, you must add security constraints. You can add the constraints in the same manner as you would for traditional J2EE applications using EAR/WAR binding files to declare roles and protected resources.

The following example illustrates security constraint configuration for a Java application that uses the web.xml and the Liberty server.xml files.

Create a HelloWorld Servlet in com package with twitter as the Java application name